4 matches found
CVE-2023-26102
All versions of the package rangy are vulnerable to Prototype Pollution when using the extend function in file rangy-core.js.The function uses recursive merge which can lead an attacker to modify properties of the Object.prototype...
CVE-2023-26102
creationtimestamp| type| source ---|---|--- 2023-02-24 07:18:52+00:00| seen| https://t.me/cibsecurity/58842...
CVE-2023-26102
All versions of the package rangy are vulnerable to Prototype Pollution when using the extend function in file rangy-core.js.The function uses recursive merge which can lead an attacker to modify properties of the Object.prototype...
rk-editor (=2.2.11) potentially affected by CVE-2023-26102 via rangy (=1.3.1)
rangy NPM version =1.3.1 is affected by a known vulnerability. The following packages have a transitive dependency on rangy and may be impacted: - rk-editor =2.2.11 Source cves: CVE-2023-26102 Source advisory: SNYK:JS-RANGY-3175702...